How to configure IPv4, Grouping and Policy in Fortigate Firewall?

In this article, we will give you some information about how to do routine operations such as IPv4 address creation, grouping, and policy creation on your Fortigate Firewall devices through CLI console.

First you can access the CLI console via the web interface or SSH with Putty.

I want to give you some brief information about the commands first.

The “Config“ command allows you to move to the configuration section.
The “Edit“ command is used to create or edit as needed.
The “Set” command is used to add and configure, IP, add members, etc.
The “Next“ gives you a chance to make a new operation in the corresponding config directory.
The “End“ command is used to exit config. We can start now.

First, add an IP address,

We would like to add two IP addresses, “testugur” and “testugur2”.

Fortigate Firewall
Fortigate Firewall

Fortigate Firewall
Fortigate Firewall

Now we create an IP group and add the IP addresses we created above to this group,

Fortigate Firewall
Fortigate Firewall

Now we control our operations through the firewall interface. If you look at our addresses and group has been created.

Fortigate Firewall
Fortigate Firewall

Now we create a policy rule. For example, we create a policy rule without restrictions.

Note: ID number for ”Edit 55 ”policy, If you give the ID number of a used policy, that policy will be edited.

Note: set srcaddr “all“ da in this section we could specify the address group we created above and customize the rule to these addresses only.

Fortigate Firewall
Fortigate Firewall

We check from the web interface, no problems appear. We see that all the settings we specify are created as intended.

Fortigate Firewall
Fortigate Firewall
Fortigate Firewall
Fortigate Firewall

You can do the above and similar configuration tasks on the Fortigate firewall using the correct commands through the CLI console.

I hope it has been a useful article.